
Firefox Gets Security Fixes Ahead of PWN2OWN Contest






Mozilla released 10 security fixes for its Firefox browser Wednesday in advance of next week's PWN2OWN contest at the CanSecWest conference in Vancouver, where security experts will attempt to exploit any security vulnerabilities in the world's leading web browsers. Mozilla's update follows on the heels of 19 security fixes that Google released for Chrome on Monday.

Hosted by security firm TippingPoint, the annual PWN2OWN event draws major media attention from around the globe. This year, Google is raising the stakes by offering a $20,000 cash prize to any PWN2OWN contestant who successfully breaches Chrome's browser security.

"Kudos to the Google security team for taking the initiative to approach us on this," said Aaron Portnoy, manager of the security research team at TippingPoint. "We're always in favor of rewarding security researchers for the work they too often do for free," he wrote in a blog.

A JPEG Exploit

Mozilla's first browser security update since Dec. 9 includes fixes for eight "critical" vulnerabilities. This week's Firefox 3.6.14 update covers a range of vulnerability issues, many of which were reported to Mozilla by independent security researchers.

For example, Jordi Chancel notified Mozilla that hackers could potentially construct a JPEG file that some versions of Firefox would decode incorrectly, causing data to be written past the end of the buffer that the machine creates to store the image. An attacker could potentially have exploited this vulnerability by causing malicious code to be stored in memory for later execution on the host computer.

Adobe Systems security researcher Peleus Uhley reported a cross-site request forgery (CSRF) risk where unauthorized commands could be transmitted through a user that a web site trusts. When the requests initiated by a Firefox plug-in received a 307 redirect, the plug-in would not have been notified and the request could have been forwarded to another location on the web.

"This poses a CSRF risk for web applications that rely on custom headers only being present in requests from their own origin," Mozilla said in a security advisory.
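The server-side consequence of that advisory, as an added example that is not code from Mozilla or from the article: a check that trusts the mere presence of a custom header accepts a forwarded request, while a check on a secret, session-bound token rejects it. The header names, key, session id and sample requests are constructed assumptions.

```python
import hashlib
import hmac

# Constructed demo values, not taken from the article or from Mozilla's advisory.
SERVER_KEY = b"constructed-demo-key"
CUSTOM_HEADER = "X-Requested-With"   # hypothetical header the app's own scripts add
TOKEN_HEADER = "X-CSRF-Token"        # hypothetical header carrying the per-session token


def header_presence_check(headers):
    """Weak: assumes only same-origin code can attach the custom header."""
    return CUSTOM_HEADER in headers


def session_token(session_id):
    """Derive a token bound to the session; without the key it cannot be computed."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def token_check(headers, session_id):
    """Hardened: require a secret, session-bound value, compared in constant time."""
    supplied = headers.get(TOKEN_HEADER, "")
    expected = session_token(session_id)
    return hmac.compare_digest(supplied.encode(), expected.encode())


# Constructed sample requests as the server would see them.
SESSION = "sid-1234"
forwarded_request = {      # arrived via a 307 redirect from another site
    "Cookie": "sid=" + SESSION,
    CUSTOM_HEADER: "XMLHttpRequest",
}
own_request = {            # sent by the application's own page
    "Cookie": "sid=" + SESSION,
    CUSTOM_HEADER: "XMLHttpRequest",
    TOKEN_HEADER: session_token(SESSION),
}

if __name__ == "__main__":
    for name, req in (("forwarded", forwarded_request), ("own", own_request)):
        print(name, header_presence_check(req), token_check(req, SESSION))
```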

Other Security Holes

Two security holes involving Firefox's JavaScript engine are also being plugged this week. For example, the JavaScript engine's internal memory mapping of non-local JS variables contained a buffer overflow. According to Mozilla, hackers could have exploited the flaw to run arbitrary code on a victim's computer.

Another patched Firefox flaw would have enabled attackers to force the browser user "into accepting any open dialog box, such as one granting elevated privileges to the page presenting the dialog," Mozilla observed. Additionally, Mozilla developers identified and fixed several memory safety bugs that under certain circumstances attackers could have exploited to run arbitrary code.

Now it's up to the PWN2OWN contestants to see what other security flaws they can find to exploit in Firefox and other major browsers, beginning March 9. The goal is to ensure the responsible disclosure of vulnerabilities, giving the affected vendors the opportunity to issue patches, TippingPoint said.

"Last year the contest was a great success, with three of the four browsers successfully compromised as well as the Apple iPhone," Portnoy observed. "We've upped the ante this time around and the total cash pool allotted for prizes has risen to a whopping $125,000."






08:43 - 03/03/2011 dalim13
